Designing authentication with seniors in mind

Developers typically adopt perceived best practice, and in the case of authentication this means password security. However, given the wide range of technical solutions available and the diverse needs and limitations of older users, we suggest that the default adoption of electronic “username and password” authentication may not be 'best practice' or even good practice. This paper highlights some challenges faced by three seniors, each of whom has multiple age- related disabilities and concomitant life challenges. The result is that they cannot authenticate themselves when they need to access their devices and accounts. We conclude by suggesting a number of research directions calculated to address some of these challenges and promote inclusive design and allow for diverse user authentication

Restoration of missing lines in grip patterns for biometrics authentication on a smart gun

The Secure Grip project1 aims to develop a grip-pattern recognition system, as part of a smart gun. Its target users are the police officers. The current authentication algorithm is based on a likelihood-ratio classifier. The grip pattern is acquired by sensors on the grip of the gun. Since in practice various factors can result in missing lines in a grip pattern, restoration of these missing lines will be useful and practical. We present a restoration algorithm based on null-space error minimization. The simulation results of the restoration and authentication experiments show that this restoration algorithm effectively restores grip patterns, and is, therefore, capable of improving the system’s authentication performance when missing lines are present

e-Authentication for online assessment: A mixed-method study

Authenticating the students’ identity and authenticity of their work is increasingly important to reduce academic malpractices and for quality assurance purposes in Education. There is a growing body of research about technological innovations to combat cheating and plagiarism. However, the literature is very limited on the impact of e-authentication systems across distinctive end-users because it is not a widespread practice at the moment. A considerable gap is to understand whether the use of e-authentication systems would increase trust on e-assessment, and to extend, whether students’ acceptance would vary across gender, age and previous experiences. This study aims to shed light on this area by examining the attitudes and experiences of 328 students who used an authentication system known as adaptive trust-based e-assessment system for learning (TeSLA). Evidence from mixed-method analysis suggests a broadly positive acceptance of these e-authentication technologies by distance education students. However, significant differences in the students’ responses indicated, for instance, that men were less concerned about providing personal data than women; middle-aged participants were more aware of the nuances of cheating and plagiarism;while younger students were more likely to reject e-authentication, considerably due to data privacy and security and students with disabilities due to concerns about their special needs

Case study:exploring children’s password knowledge and practices

Children use technology from a very young age, and often have to authenticate themselves. Yet very little attention has been paid to designing authentication specifically for this particular target group. The usual practice is to deploy the ubiquitous password, and this might well be a suboptimal choice. Designing authentication for children requires acknowledgement of child-specific developmental challenges related to literacy, cognitive abilities and differing developmental stages. Understanding the current state of play is essential, to deliver insights that can inform the development of child-centred authentication mechanisms and processes. We carried out a systematic literature review of all research related to children and authentication since 2000. A distinct research gap emerged from the analysis. Thus, we designed and administered a survey to school children in the United States (US), so as to gain insights into their current password usage and behaviors. This paper reports preliminary results from a case study of 189 children (part of a much larger research effort). The findings highlight age-related differences in children’s password understanding and practices. We also discovered that children confuse concepts of safety and security. We conclude by suggesting directions for future research. This paper reports on work in progress.<br/

The Role of Multi-factor Authentication for Modern Day Security

Multi-factor Authentication (MFA) often referred to as Two-factor Authentication (2FA), which is a subset of MFA, is the practice of implementing additional security methods on top of a standard username and password to help authenticate the identity of a user and increase the security of data.This chapter will investigate the problem with username and password logins, the different types of authentication, current best practice for multi-factor authentication and interpretations about how the technology will grow in the upcoming years

A New Biometric Template Protection using Random Orthonormal Projection and Fuzzy Commitment

Biometric template protection is one of most essential parts in putting a biometric-based authentication system into practice. There have been many researches proposing different solutions to secure biometric templates of users. They can be categorized into two approaches: feature transformation and biometric cryptosystem. However, no one single template protection approach can satisfy all the requirements of a secure biometric-based authentication system. In this work, we will propose a novel hybrid biometric template protection which takes benefits of both approaches while preventing their limitations. The experiments demonstrate that the performance of the system can be maintained with the support of a new random orthonormal project technique, which reduces the computational complexity while preserving the accuracy. Meanwhile, the security of biometric templates is guaranteed by employing fuzzy commitment protocol.Comment: 11 pages, 6 figures, accepted for IMCOM 201

A Generic Theory of Authentication to Support IS Practice and Research

This paper addresses a yawning gap in IS theory and practice. In the information systems (IS) discipline and profession, the concept of authentication is commonly limited in scope to the checking of assertions relating to identity. The effective conduct of organised activities depends on the authentication of not only assertions of those kinds, but also many other categories of assertion. The paper declares its metatheoretic assumptions, and outlines a pragmatic metatheoretic model whose purpose is to establish a workable framework for IS practitioners, and for researchers oriented to IS practice. Within this frame, a generic theory of authentication is proposed, encompassing not only commonly discussed kinds of assertions, but also other important categories relating to real-world properties, asset-value and content-integrity. This surfaces unaddressed opportunities for IS researchers in content-integrity authentication at the semantic level, relating to assertions of fact